Lucene search
K

3503 matches found

Vulnrichment
Vulnrichment
added 2026/02/01 12:56 p.m.5 views

CVE-2022-50951 WiFi File Transfer 1.0.8 Persistent XSS via Web Server Input Validation

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

6.4CVSS5.5AI score0.00305EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.10 views

PT-2026-5572

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

6.4CVSS6AI score0.00305EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/01 12:0 a.m.5 views

dooblou WiFi File Transfer 跨站脚本漏洞

Dooblou WiFi File Transfer is a file transfer application developed by the dooblou company. Version 1.0.8 of Dooblou WiFi File Transfer contains a cross-site scripting vulnerability. This vulnerability stems from the use of file and folder names that contain storage-type cross-site scripts,...

6.4CVSS5.6AI score0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.25 views

CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS0.0104EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.21 views

CVE-2020-37029 FTPDummy 4.80 - Local Buffer Overflow

FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...

8.4CVSS0.00157EPSS
Exploits0References3
NVD
NVD
added 2026/01/29 7:16 p.m.6 views

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

6.9CVSS0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/01/29 7:16 p.m.8 views

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/29 6:5 p.m.4 views

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

6.9CVSS5.9AI score0.00253EPSS
Exploits0References3
CVE
CVE
added 2026/01/29 6:5 p.m.10 views

CVE-2025-15541

The CVE-2025-15541 entry describes an improper link resolution in the VX800v v1.0 SFTP service on TP-Link devices. Authenticated adjacent attackers can abuse crafted symbolic links to access system files, exposing high confidentiality impact and low integrity risk. Affected component: VX800v v1.0...

6.9CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/01/29 2:28 p.m.28 views

CVE-2020-36994 QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionali...

6.2CVSS0.00167EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/29 2:28 p.m.5 views

CVE-2020-36994 QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionali...

6.2CVSS6AI score0.00167EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.4 views

TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of SFTP service links, which may allow authenticated neighboring attackers to access system files using specially craft...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.5 views

QlikView security vulnerabilities

QlikView is a business intelligence and data visualization analysis software developed by the American company QlikView Corporation. Version QlikView 12.50.20000.0 contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the FTP server address input...

6.2CVSS5.8AI score0.00167EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 p.m.7 views

CVE-2020-36983

Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during syste...

8.5CVSS6.2AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 6:16 p.m.6 views

CVE-2020-36964

YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecting and sending a malformed command that triggers a buffer overflow and service crash...

8.7CVSS6.1AI score0.00396EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.7 views

PT-2026-5156

YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecting and sending a malformed command that triggers a buffer overflow and service crash...

9.8CVSS6.1AI score0.00396EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.6 views

YATinyWinFTP buffer error vulnerability

YATinyWinFTP is an FTP server developed by ik80’s individual developer. YATinyWinFTP has a buffer error vulnerability; this vulnerability arises from sending certain data that may trigger a buffer overflow, potentially leading to a denial-of-service attack...

9.8CVSS6AI score0.00396EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.6 views

Pablo Software Solutions Quick n Easy FTP Service Code Issues and Vulnerabilities

Pablo Software Solutions Quick n Easy FTP Service is a Windows platform FTP server software provided by Pablo Software Solutions. Version 3.2 of Pablo Software Solutions Quick n Easy FTP Service has a code vulnerability caused by an unquoted service path, which may allow local attackers to execut...

8.5CVSS6.2AI score0.00162EPSS
Exploits0References5
Fedora
Fedora
added 2026/01/23 12:56 a.m.8 views

[SECURITY] Fedora 43 Update: vsftpd-3.0.5-14.fc43

vsftpd is a Very Secure FTP daemon. It was written completely from scratch...

6.5CVSS5.8AI score0.00737EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004924 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over...

5.5CVSS6AI score0.00146EPSS
Exploits0References4
Rows per page
Query Builder